package com.zs.blog.util;

import org.bouncycastle.jce.provider.BouncyCastleProvider;

import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.security.Security;
import java.util.Base64;

/**
 * @Title: SecurityUtil
 * @Author zs
 * @Package com.zs.blog.util
 * @Date 2025/11/12 22:02
 * @description: 数据加密解密安全工具类
 */
public class SecurityUtil {
    static {
        Security.addProvider(new BouncyCastleProvider());
    }

    /**
     * AES加密
     * @param key 密钥
     * @param content 加密的内容
     * @return 加密的数据
     */
    public static String encryptionByAES(String key, String content) {
        try {
            // 构建加密解密对象cipher
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding", "BC");
            SecretKeySpec secretKeySpec = new SecretKeySpec(key.getBytes(StandardCharsets.UTF_8), "AES");
            // 构建随机iv
            byte[] ivBytes = new byte[16];
            SecureRandom secureRandom = new SecureRandom();
            secureRandom.nextBytes(ivBytes);
            IvParameterSpec ivParameterSpec = new IvParameterSpec(ivBytes);
            cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec, ivParameterSpec);
            // 加密数据
            byte[] encrypted = cipher.doFinal(content.getBytes(StandardCharsets.UTF_8));

            // 拼接加密数据与随机iv
            byte[] combined = new byte[ivBytes.length + encrypted.length];
            System.arraycopy(ivBytes, 0, combined, 0, ivBytes.length);
            System.arraycopy(encrypted, 0, combined, ivBytes.length, encrypted.length);

            // 返回
            return Base64.getEncoder().encodeToString(combined);
        } catch (Exception e) {
            throw new RuntimeException("加密失败", e);
        }

    }

    /**
     * AES解密
     * @param key 密钥
     * @param encryptedData 需要解密的数据
     * @return 解密的数据
     */
    public static String decryptionByAES(String key, String encryptedData) {
        try {
            // 解析加密数据
            byte[] decryptedBytes = Base64.getDecoder().decode(encryptedData.getBytes(StandardCharsets.UTF_8));
            byte[] ivBytes = new byte[16];
            byte[] encrypted = new byte[decryptedBytes.length - 16];
            System.arraycopy(decryptedBytes, 0, ivBytes, 0, 16);
            System.arraycopy(decryptedBytes, 16, encrypted, 0, encrypted.length);

            // 构建加密解密对象cipher
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding", "BC");
            SecretKeySpec secretKeySpec = new SecretKeySpec(key.getBytes(StandardCharsets.UTF_8), "AES");
            IvParameterSpec ivParameterSpec = new IvParameterSpec(ivBytes);
            cipher.init(Cipher.DECRYPT_MODE, secretKeySpec, ivParameterSpec);
            // 解密数据
            byte[] decrypted = cipher.doFinal(encrypted);
            // 返回
            return new String(decrypted, StandardCharsets.UTF_8);
        } catch (Exception e) {
            throw new RuntimeException("解密失败", e);
        }

    }
}
